Skip to content

feat: support provider name in CredentialModel && support env ALIBABA… #131

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Mar 7, 2025
Merged

feat: support provider name in CredentialModel && support env ALIBABA… #131

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions credentials/bearer_token_credential.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,9 @@ func newBearerTokenCredential(token string) *BearerTokenCredential {

func (s *BearerTokenCredential) GetCredential() (*CredentialModel, error) {
credential := &CredentialModel{
BearerToken: tea.String(s.BearerToken),
Type: tea.String("bearer"),
BearerToken: tea.String(s.BearerToken),
Type: tea.String("bearer"),
ProviderName: tea.String("bearer"),
}
return credential, nil
}
Expand Down
1 change: 1 addition & 0 deletions credentials/bearer_token_credential_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,4 +30,5 @@ func Test_BearerTokenCredential(t *testing.T) {
assert.Nil(t, cred.AccessKeySecret)
assert.Nil(t, cred.SecurityToken)
assert.Equal(t, "bearer", *cred.Type)
assert.Equal(t, "bearer", *cred.ProviderName)
}
17 changes: 15 additions & 2 deletions credentials/credential.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -232,7 +232,19 @@ func NewCredential(config *Config) (credential Credential, err error) {
}
switch tea.StringValue(config.Type) {
case "credentials_uri":
credential = newURLCredential(tea.StringValue(config.Url))
provider, err := providers.NewURLCredentialsProviderBuilder().
WithUrl(tea.StringValue(config.Url)).
WithHttpOptions(&providers.HttpOptions{
Proxy: tea.StringValue(config.Proxy),
ReadTimeout: tea.IntValue(config.Timeout),
ConnectTimeout: tea.IntValue(config.ConnectTimeout),
}).
Build()

if err != nil {
return nil, err
}
credential = FromCredentialsProvider("credentials_uri", provider)
case "oidc_role_arn":
provider, err := providers.NewOIDCCredentialsProviderBuilder().
WithRoleArn(tea.StringValue(config.RoleArn)).
Expand Down Expand Up @@ -488,7 +500,8 @@ func (cp *credentialsProviderWrap) GetCredential() (cm *CredentialModel, err err
AccessKeyId: &c.AccessKeyId,
AccessKeySecret: &c.AccessKeySecret,
SecurityToken: &c.SecurityToken,
Type: &c.ProviderName,
Type: &cp.typeName,
ProviderName: &c.ProviderName,
}
return
}
Expand Down
15 changes: 15 additions & 0 deletions credentials/credential_model.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,17 @@ type CredentialModel struct {
// bearer token
BearerToken *string `json:"bearerToken,omitempty" xml:"bearerToken,omitempty"`
// type
//
// example:
//
// access_key
Type *string `json:"type,omitempty" xml:"type,omitempty"`
// provider name
//
// example:
//
// cli_profile/static_ak
ProviderName *string `json:"providerName,omitempty" xml:"providerName,omitempty"`
}

func (s CredentialModel) String() string {
Expand Down Expand Up @@ -48,3 +58,8 @@ func (s *CredentialModel) SetType(v string) *CredentialModel {
s.Type = &v
return s
}

func (s *CredentialModel) SetProviderName(v string) *CredentialModel {
s.ProviderName = &v
return s
}
9 changes: 7 additions & 2 deletions credentials/credential_model_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,15 +14,17 @@ func Test_Credential(t *testing.T) {
SecurityToken: tea.String("SecurityToken"),
BearerToken: tea.String("BearerToken"),
Type: tea.String("Type"),
ProviderName: tea.String("ProviderName"),
}
assert.Equal(t, "AccessKeyId", *cred.AccessKeyId)
assert.Equal(t, "AccessKeySecret", *cred.AccessKeySecret)
assert.Equal(t, "SecurityToken", *cred.SecurityToken)
assert.Equal(t, "BearerToken", *cred.BearerToken)
assert.Equal(t, "Type", *cred.Type)
assert.Equal(t, "ProviderName", *cred.ProviderName)

assert.Equal(t, "{\n \"accessKeyId\": \"AccessKeyId\",\n \"accessKeySecret\": \"AccessKeySecret\",\n \"securityToken\": \"SecurityToken\",\n \"bearerToken\": \"BearerToken\",\n \"type\": \"Type\"\n}", cred.String())
assert.Equal(t, "{\n \"accessKeyId\": \"AccessKeyId\",\n \"accessKeySecret\": \"AccessKeySecret\",\n \"securityToken\": \"SecurityToken\",\n \"bearerToken\": \"BearerToken\",\n \"type\": \"Type\"\n}", cred.GoString())
assert.Equal(t, "{\n \"accessKeyId\": \"AccessKeyId\",\n \"accessKeySecret\": \"AccessKeySecret\",\n \"securityToken\": \"SecurityToken\",\n \"bearerToken\": \"BearerToken\",\n \"type\": \"Type\",\n \"providerName\": \"ProviderName\"\n}", cred.String())
assert.Equal(t, "{\n \"accessKeyId\": \"AccessKeyId\",\n \"accessKeySecret\": \"AccessKeySecret\",\n \"securityToken\": \"SecurityToken\",\n \"bearerToken\": \"BearerToken\",\n \"type\": \"Type\",\n \"providerName\": \"ProviderName\"\n}", cred.GoString())

cred = &CredentialModel{}
cred.SetAccessKeyId("")
Expand All @@ -33,12 +35,15 @@ func Test_Credential(t *testing.T) {
assert.Equal(t, "", *cred.SecurityToken)
assert.Nil(t, cred.BearerToken)
assert.Nil(t, cred.Type)
assert.Nil(t, cred.ProviderName)
}

func Test_Credential2(t *testing.T) {
cred := &CredentialModel{}
cred.SetBearerToken("bearertoken")
assert.Equal(t, "bearertoken", *cred.BearerToken)
cred.SetType("bearertoken")
cred.SetProviderName("bearertoken")
assert.Equal(t, "bearertoken", *cred.Type)
assert.Equal(t, "bearertoken", *cred.ProviderName)
}
4 changes: 2 additions & 2 deletions credentials/credential_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -299,8 +299,8 @@ func TestNewCredentialWithCredentialsURI(t *testing.T) {

config.SetURLCredential("")
cred, err = NewCredential(config)
assert.Nil(t, err)
assert.NotNil(t, cred)
assert.NotNil(t, err)
assert.Nil(t, cred)
assert.Equal(t, "", tea.StringValue(config.Url))
}

Expand Down
15 changes: 9 additions & 6 deletions credentials/providers/cli_profile.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -181,14 +181,17 @@ var getHomePath = utils.GetHomePath

func (provider *CLIProfileCredentialsProvider) GetCredentials() (cc *Credentials, err error) {
if provider.innerProvider == nil {
homedir := getHomePath()
if homedir == "" {
err = fmt.Errorf("cannot found home dir")
return
cfgPath := os.Getenv("ALIBABA_CLOUD_CONFIG_FILE")
if cfgPath == "" {
homeDir := getHomePath()
if homeDir == "" {
err = fmt.Errorf("cannot found home dir")
return
}

cfgPath = path.Join(homeDir, ".aliyun/config.json")
}

cfgPath := path.Join(homedir, ".aliyun/config.json")

conf, err1 := newConfigurationFromPath(cfgPath)
if err1 != nil {
err = err1
Expand Down
10 changes: 10 additions & 0 deletions credentials/providers/cli_profile_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -191,8 +191,10 @@ func TestCLIProfileCredentialsProvider_getCredentialsProvider(t *testing.T) {
func TestCLIProfileCredentialsProvider_GetCredentials(t *testing.T) {
originHttpDo := httpDo
defer func() { httpDo = originHttpDo }()
rollback := utils.Memory("ALIBABA_CLOUD_CONFIG_FILE")
defer func() {
getHomePath = utils.GetHomePath
rollback()
}()

getHomePath = func() string {
Expand All @@ -211,6 +213,14 @@ func TestCLIProfileCredentialsProvider_GetCredentials(t *testing.T) {
_, err = provider.GetCredentials()
assert.EqualError(t, err, "reading aliyun cli config from '/path/invalid/home/dir/.aliyun/config.json' failed open /path/invalid/home/dir/.aliyun/config.json: no such file or directory")

// testcase: specify credentials file with env
os.Setenv("ALIBABA_CLOUD_CONFIG_FILE", "/path/to/config.invalid")
provider, err = NewCLIProfileCredentialsProviderBuilder().Build()
assert.Nil(t, err)
_, err = provider.GetCredentials()
assert.EqualError(t, err, "reading aliyun cli config from '/path/to/config.invalid' failed open /path/to/config.invalid: no such file or directory")
os.Unsetenv("ALIBABA_CLOUD_CONFIG_FILE")

getHomePath = func() string {
wd, _ := os.Getwd()
return path.Join(wd, "fixtures")
Expand Down
2 changes: 1 addition & 1 deletion credentials/providers/default.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ func NewDefaultCredentialsProvider() (provider *DefaultCredentialsProvider) {

// credentials uri
if os.Getenv("ALIBABA_CLOUD_CREDENTIALS_URI") != "" {
credentialsUriProvider, err := NewURLCredentialsProviderBuilderBuilder().Build()
credentialsUriProvider, err := NewURLCredentialsProviderBuilder().Build()
if err == nil {
providers = append(providers, credentialsUriProvider)
}
Expand Down
2 changes: 1 addition & 1 deletion credentials/providers/uri.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ type URLCredentialsProviderBuilder struct {
provider *URLCredentialsProvider
}

func NewURLCredentialsProviderBuilderBuilder() *URLCredentialsProviderBuilder {
func NewURLCredentialsProviderBuilder() *URLCredentialsProviderBuilder {
return &URLCredentialsProviderBuilder{
provider: &URLCredentialsProvider{},
}
Expand Down
12 changes: 6 additions & 6 deletions credentials/providers/uri_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,19 +18,19 @@ func TestNewURLCredentialsProvider(t *testing.T) {
rollback()
}()
// case 1: no credentials provider
_, err := NewURLCredentialsProviderBuilderBuilder().
_, err := NewURLCredentialsProviderBuilder().
Build()
assert.EqualError(t, err, "the url is empty")

// case 2: no role arn
os.Setenv("ALIBABA_CLOUD_CREDENTIALS_URI", "http://localhost:8080")
p, err := NewURLCredentialsProviderBuilderBuilder().
p, err := NewURLCredentialsProviderBuilder().
Build()
assert.Nil(t, err)
assert.True(t, strings.HasPrefix(p.url, "http://localhost:8080"))

// case 3: check default role session name
p, err = NewURLCredentialsProviderBuilderBuilder().
p, err = NewURLCredentialsProviderBuilder().
WithUrl("http://localhost:9090").
Build()
assert.Nil(t, err)
Expand All @@ -40,7 +40,7 @@ func TestNewURLCredentialsProvider(t *testing.T) {
func TestURLCredentialsProvider_getCredentials(t *testing.T) {
originHttpDo := httpDo
defer func() { httpDo = originHttpDo }()
p, err := NewURLCredentialsProviderBuilderBuilder().
p, err := NewURLCredentialsProviderBuilder().
WithUrl("http://localhost:8080").
Build()
assert.Nil(t, err)
Expand Down Expand Up @@ -132,7 +132,7 @@ func TestURLCredentialsProvider_GetCredentials(t *testing.T) {
defer func() { httpDo = originHttpDo }()

// case 0: get previous credentials failed
p, err := NewURLCredentialsProviderBuilderBuilder().
p, err := NewURLCredentialsProviderBuilder().
WithUrl("http://localhost:8080").
Build()
assert.Nil(t, err)
Expand Down Expand Up @@ -184,7 +184,7 @@ func TestURLCredentialsProvider_GetCredentials(t *testing.T) {
}

func TestURLCredentialsProviderWithHttpOptions(t *testing.T) {
p, err := NewURLCredentialsProviderBuilderBuilder().
p, err := NewURLCredentialsProviderBuilder().
WithUrl("http://localhost:8080").
WithHttpOptions(&HttpOptions{
ConnectTimeout: 1000,
Expand Down
4 changes: 3 additions & 1 deletion integration/auth_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -79,6 +79,7 @@ func TestOidc(t *testing.T) {
assert.NotNil(t, c.AccessKeySecret)
assert.NotNil(t, c.SecurityToken)
assert.Equal(t, "oidc_role_arn", *c.Type)
assert.Equal(t, "oidc_role_arn", *c.ProviderName)
}

func TestDefaultProvider(t *testing.T) {
Expand All @@ -90,5 +91,6 @@ func TestDefaultProvider(t *testing.T) {
assert.NotNil(t, c.AccessKeyId)
assert.NotNil(t, c.AccessKeySecret)
assert.NotNil(t, c.SecurityToken)
assert.Equal(t, "default/oidc_role_arn", *c.Type)
assert.Equal(t, "default", *c.Type)
assert.Equal(t, "default/oidc_role_arn", *c.ProviderName)
}
Loading